Module: Idsimple::Rack::Helper

Included in:

AuthenticatorApp, ValidatorMiddleware

Defined in:

lib/idsimple/rack/helper.rb

Instance Method Summary

• #api ⇒ Object
• #configuration ⇒ Object
• #decode_access_token(access_token, signing_secret) ⇒ Object
• #get_access_token(req) ⇒ Object
• #logger ⇒ Object
• #redirect_to_authenticate_or_unauthorized_response(req, res = ::Rack::Response.new) ⇒ Object
• #remove_access_token(req, res) ⇒ Object
• #set_access_token(req, res, new_access_token, new_decoded_access_token) ⇒ Object
• #signing_secret ⇒ Object
• #unauthorized_response(req, res = ::Rack::Response.new) ⇒ Object

Instance Method Details

#api ⇒ Object

# File 'lib/idsimple/rack/helper.rb', line 59

def api
  @api ||= Idsimple::Rack::Api.new(
    configuration.api_base_url,
    configuration.api_base_path,
    configuration.api_key
  )
end

#configuration ⇒ Object

# File 'lib/idsimple/rack/helper.rb', line 7

def configuration
  Idsimple::Rack.configuration
end

#decode_access_token(access_token, signing_secret) ⇒ Object

# File 'lib/idsimple/rack/helper.rb', line 52

def decode_access_token(access_token, signing_secret)
  AccessTokenHelper.decode(access_token, signing_secret, {
    iss: configuration.issuer,
    aud: configuration.app_id
  })
end

#get_access_token(req) ⇒ Object

# File 'lib/idsimple/rack/helper.rb', line 40

def get_access_token(req)
  configuration.get_access_token.call(req)
end

#logger ⇒ Object

# File 'lib/idsimple/rack/helper.rb', line 11

def logger
  configuration.logger
end

#redirect_to_authenticate_or_unauthorized_response(req, res = ::Rack::Response.new) ⇒ Object

# File 'lib/idsimple/rack/helper.rb', line 25

def redirect_to_authenticate_or_unauthorized_response(req, res = ::Rack::Response.new)
  issuer = configuration.issuer
  app_id = configuration.app_id
  access_attempt = req.params["idsimple_access_attempt"]

  if configuration.redirect_to_authenticate && issuer && app_id && !access_attempt
    logger.info("Redirecting to authenticate")
    access_url = "#{issuer}/apps/#{app_id}/access?return_to=#{req.fullpath}"
    res.redirect(access_url)
    res.finish
  else
    unauthorized_response(req, res)
  end
end

#remove_access_token(req, res) ⇒ Object

# File 'lib/idsimple/rack/helper.rb', line 48

def remove_access_token(req, res)
  configuration.remove_access_token.call(req, res)
end

#set_access_token(req, res, new_access_token, new_decoded_access_token) ⇒ Object

# File 'lib/idsimple/rack/helper.rb', line 44

def set_access_token(req, res, new_access_token, new_decoded_access_token)
  configuration.set_access_token.call(req, res, new_access_token, new_decoded_access_token)
end

#signing_secret ⇒ Object

# File 'lib/idsimple/rack/helper.rb', line 15

def signing_secret
  configuration.signing_secret
end

#unauthorized_response(req, res = ::Rack::Response.new) ⇒ Object

# File 'lib/idsimple/rack/helper.rb', line 19

def unauthorized_response(req, res = ::Rack::Response.new)
  logger.info("Unauthorized")
  configuration.unauthorized_response.call(req, res)
  res.finish
end